You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
* chore: bump version to 2.7.2-beta.12
Update package.json version to match the latest beta release
so the auto-updater correctly detects the current version.
π€ Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(hooks): update both URL path and filename in README download links
The version sync in pre-commit only updated Auto-Claude-X.Y.Z filename
patterns but not the /download/vX.Y.Z/ URL path, resulting in broken
download links (e.g., /download/v2.7.1/Auto-Claude-2.8.0-win32.exe).
Now uses section-aware updates:
- Prerelease versions only update BETA_* sections
- Stable versions only update STABLE_* and TOP_* sections
- Both URL path and filename are updated together
* fix(hooks): run ruff only on staged Python files in pre-commit
The backend section was running ruff on ALL Python files in apps/backend/
and then staging ALL Python files, which caused unstaged changes to be
unintentionally committed. Now it mirrors the frontend's lint-staged
approach by only processing files that are actually staged for commit.
* fix(pr-review): block merge when CI checks are failing
PR reviews now check GitHub CI status and treat failing checks as
blocking issues. Previously, the review could approve a PR even when
tests were failing, leading to bad UX where contributors would fix
code issues only to discover CI failures afterward.
Changes:
- Add get_pr_checks() method to gh_client for fetching CI status
- Integrate CI status into verdict logic for initial and follow-up reviews
- Show CI failures in "Blocking Issues" section alongside code findings
- Override "Ready to Merge" verdict to "Blocked" when CI is failing
π€ Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(security): add tool input validation and fix qa_reviewer permissions
Addresses two issues identified in agent logs:
1. QA reviewer was missing write permissions to create qa_report.md and
update implementation_plan.json. Changed qa_reviewer tools config from
BASE_READ_TOOLS + ["Bash"] to include BASE_WRITE_TOOLS.
2. Malformed tool inputs (None, wrong type) caused confusing errors like
"Command 'Category' is not in the allowed commands". Added validation
in bash_security_hook to block malformed inputs with clear error messages.
Also created centralized tool_input_validator.py and updated all session
processors (session.py, qa/reviewer.py, qa/fixer.py, agent_runner.py) to
use get_safe_tool_input() helper for safe extraction.
π€ Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat(pr-review): add finding-validator agent to prevent false positives
PR follow-up reviews were keeping findings as "unresolved" without
re-investigating if they were valid issues. Initial false positives
(hallucinated issues) would persist indefinitely across follow-ups.
This adds a new finding-validator specialist agent that:
- Actively reads code at finding locations with fresh eyes
- Requires concrete code evidence for any conclusion
- Can dismiss findings as false_positive OR confirm them as valid
- Integrates with the parallel follow-up review orchestrator
Changes:
- New pr_finding_validator.md prompt for the specialist agent
- FindingValidationResult Pydantic model with evidence requirements
- Validation fields on PRReviewFinding (status, evidence, confidence)
- Updated orchestrator to invoke finding-validator for unresolved findings
- Summary now shows dismissed false positives count
- 17 new tests covering validation scenarios
π€ Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(pr-review): keep GitHubPRs mounted to preserve background task state
When navigating away from the GitHub PRs tab during a background PR review
or follow-up, the component would unmount and lose visibility of the
running process. Applied the same pattern used by TerminalGrid: keep the
component always mounted but hidden with CSS when not active. This ensures
the Zustand store subscriptions remain active and both the PR list and
detail views update correctly during background reviews.
π€ Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(pr-review): fix phase status badges and list sync issues
Two issues fixed:
1. PR list not showing 'Ready for Follow-up' indicator - Changed from
using imperative store updates to React hook subscriptions for
setNewCommitsCheck, ensuring proper re-renders when store updates.
2. Phase status badges showing 'Complete' incorrectly during review -
Only mark phases as completed if they were actually active (had
entries). Save immediately when phase becomes active. Added frontend
defensive check to show 'Pending' for completed phases with no entries
during streaming.
π€ Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix(release): sync versions and add PowerShell newline escaping
Address PR review findings:
- Sync root package.json and backend __init__.py to 2.7.2-beta.12
to match frontend version (fixes atomic versioning violation)
- Add \r and \n escaping to escapePowerShellCommand() to prevent
newline injection attacks in Windows terminal commands
π€ Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
# Sync to README.md - shields.io version badge (text and URL)
28
+
# Sync to README.md - section-aware updates (stable vs beta)
29
29
ESCAPED_VERSION=$(echo "$VERSION" | sed 's/-/--/g')
30
-
sed -i.bak -e "s/version-[0-9]*\.[0-9]*\.[0-9]*\(-\{1,2\}[a-z]*\.[0-9]*\)*-blue/version-$ESCAPED_VERSION-blue/g" -e "s|releases/tag/v[0-9.a-z-]*)|releases/tag/v$VERSION)|g" README.md
31
30
32
-
# Sync to README.md - download links with correct filenames and URLs
33
-
for SUFFIX in "win32-x64.exe" "darwin-arm64.dmg" "darwin-x64.dmg" "linux-x86_64.AppImage" "linux-amd64.deb"; do
34
-
sed -i.bak "s|Auto-Claude-[0-9.a-z-]*-${SUFFIX}](https://github.com/AndyMik90/Auto-Claude/releases/download/v[^/]*/Auto-Claude-[^)]*-${SUFFIX})|Auto-Claude-${VERSION}-${SUFFIX}](https://github.com/AndyMik90/Auto-Claude/releases/download/v${VERSION}/Auto-Claude-${VERSION}-${SUFFIX})|g" README.md
35
-
done
31
+
# Detect if this is a prerelease (contains - after base version)
32
+
if echo "$VERSION" | grep -q '-'; then
33
+
# PRERELEASE: Update only beta sections
34
+
echo " Detected PRERELEASE version: $VERSION"
35
+
36
+
# Update beta version badge (orange)
37
+
sed -i.bak "s/beta-[0-9]*\.[0-9]*\.[0-9]*\(--[a-z]*\.[0-9]*\)*-orange/beta-$ESCAPED_VERSION-orange/g" README.md
38
+
39
+
# Update beta version badge link
40
+
sed -i.bak '/<!-- BETA_VERSION_BADGE -->/,/<!-- BETA_VERSION_BADGE_END -->/s|releases/tag/v[0-9.a-z-]*)|releases/tag/v'"$VERSION"')|g' README.md
0 commit comments